Privacy Notice
This Privacy Noticeexplains how we collect and use your personal data. We take great care to effectively protect all your data and without exception your personal data. Please read this notice carefully. If you have any questions about this Privacy Notice, or if you want to enforce your rights, please contact us, po@madesmart.nl.
Personal data
In this Privacy Notice has the same meaning as in the EU General Data Protection Regulation 2016/679/EU (GDPR). Essentially, it means information which is connected to a living individual who can be identified from that information, either by itself or when combined with other data likely to come into our possession. Personal data can include information collected by certain cookies or tracking technologies if it builds up a profile of you.
Collection and use.
If we collect and use personal data it is in order to support our primary aim to carry out a business which serves our customers with maritime information. Our purposes and lawful grounds for processing your personal data vary, depending on our relationship with you and on the activity in question. We will never sell your personal data. We will only keep your personal data for as long as necessary to fulfil the purposes for which we collected and continue to process it, and to satisfy any legal, accounting or reporting requirements.
What we collect and how we use it.
Visitors to our Websites:
- We use Google Analytics for statistical insight in website visit based on IP address
- We use your name, email address and comment if put in our contact form, to address
your request. Your mail address is stored in our CRM to contact you later when we
feel this is relevant for you and as related to your request.
Client contact:
- We store your mail in our CRM, or delete when appropriate.
- We store signed contracts in our administration.
- Related to our services we monitor and log your log-in details, which might include email address, name, company name and/or telephone number. These are stored in a
secured user right management system and/or another secure database (see Data
Security), with access limited to you, the user, for your own data, and to assigned
authorized officers of MSG to operate and monitor our services to you. (see Data
security)
Other business contacts:
- We store your mail in our CRM, or delete when appropriate.
Suppliers and service providers and their personnel.
- We store your mail in our CRM, or delete when appropriate.
- We store signed contracts in our administration.
Applicants for jobs, traineeships etc.
- We store your mail and data provided in our CRM, or delete when appropriate. We
comply with legal limits for keeping data. Data is only accessible by designated
authorized officers of MSG
Employees
- Employee records are kept in our administration, and with the accountancy firm we
contracted to do the payroll accounting and tax return administration. - The administration is accessible only by designated authorized officers of MSG
- The contracted accountancy firm is compliant with GDPR.
Data security
In order to prevent unauthorized access, distortion or disclosure of your personal data we have
put in place appropriate physical, technical and organizational measures. Our service providers
are required to do the same. Almost all our data is secured in the Equinex Data Centers which
comply with the highest safety and security standards. With our managed hosting service
provider we have put in place a Data Processing Agreement and made sure the supplier
qualifies as a processor within the meaning of Section 4(8) GDPR;
CRM:
Limited access designated authorized officers MSG Administration: limited access designated authorized officers MSG, and in subcontract data with our accounting firm which complies with GDPR Operational systems and website visits: limited access designated authorized officers MSG.
Data retention
We only keep your personal data for as long as necessary to fulfil the purposes for which we collected and continue to process it, and to satisfy any legal, accounting or reporting requirements.
Your rights
Where applicable we respect your data protection rights, including to request access, rectification, restriction, deletion or “porting” of your data, and to object to our use of your data. We do not make decisions about you based on electronic profiling. You also have the right to complain to the applicable data protection Supervisory Authority, but please contact us first so that we can address your concerns. Please consider we only use your data to provide you services, and failing this data the quality of services might get at stake.
You have all the rights on your data as you provided to us. These rights include, but not limited to,
- The right to object to direct marketing
- The right to have access to Information
- The right to withdraw your consent to the processing of your personal data
- The right to object to processing of your personal data
- The right to request the restriction of your personal data
- The right to request amendment or erasure of your personal data
- The right to personal data portability
- The right to complain to the Supervisory Authority
- One or more independent public bodies responsible for supervising the application of the GDPR, as
referred to in Article 4(21) and Article 51 GDPR. In the Netherlands, this is the Dutch Data Protection
Authority (Autoriteit Persoonsgegevens).
How to exercise your rights:
You can exercise your rights at any time by contacting us at po@madesmart.nl
Please include in your email:
- A clear statement on which rights you are seeking to enforce;
- A full description of the information or type of information that you are writing about;
- Details which will confirm your identity, such as a scan of your passport or driving
license and a recent utility bill.